1 files changed, 125 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/cms/cmstest.c b/src/regress/lib/libcrypto/cms/cmstest.c
index 40cb611c9a..466583ecb2 100644
--- a/src/regress/lib/libcrypto/cms/cmstest.c
+++ b/src/regress/lib/libcrypto/cms/cmstest.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: cmstest.c,v 1.1 2019/11/02 15:35:10 jsing Exp $       */
+/*      $OpenBSD: cmstest.c,v 1.2 2019/11/04 12:31:59 jsing Exp $       */
 /*
 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -29,6 +29,25 @@ static int verbose = 0;
 static const char cms_msg[] = "Hello CMS!\r\n";
+static const char cms_ca_1[] = \
+    "-----BEGIN CERTIFICATE-----\n"
+    "MIICqDCCAZACCQD8ebR8e4kdvjANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtU\n"
+    "ZXN0IENNUyBDQTAeFw0xOTA1MTExNTUzNTNaFw0yOTA1MDgxNTUzNTNaMBYxFDAS\n"
+    "BgNVBAMMC1Rlc3QgQ01TIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n"
+    "AQEAoIiW3POGYfhY0BEgG8mIwouOI917M72jsuUE57ccjEXLWseItLb7r9vkiwW/\n"
+    "FYbz0UYkJW1JgpZmWaTGOgZGxj+WTzxh1aq7OHyJb6Pxwp9wGrGJu+BEqOZN/bi/\n"
+    "aQ1l8x7DxVJkFeI1+4QKDfmGYfWoVzQLgamO3u0vxz3Vi/XzX01ZomcZUYYx0lIq\n"
+    "hxAO665HoPUmecqYdLPquJNxdfiy37ieLJOmIsKZJtMcCZAxqhcCwE7I0196Ng3P\n"
+    "fK9Sl7BCyTBszb2YC2qOleuI2Wjg/7o1+hugopUkjxz0RGFu5s3K9PhCLwpqylXg\n"
+    "IXe9Vwi38gKawD3yjtDBRDNmIwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAvsvtc\n"
+    "cO0Eo0F6MvB0bjBIMHBkKyWcmD2c5gVFhbHyRD+XBVXNdn5CcBba2amm0VgShBpM\n"
+    "4e1rOtIH/Hf6nB3c/EjZvd16ryoTCTvzayac7sD2Y8IxF1JIAKvjFbu+LmzM/F5f\n"
+    "x3/WdY1qs5W7lO46i8xmSUAP88gohWP4cyVUAITNrh/RSOFaWUd5i1/vZ+iEexLI\n"
+    "rQWsweJleOxvA8SrXm2gAkqRWEncsxOrsX/MsPl7iJoebLhWbS3cOHhutWrfhdlC\n"
+    "2uT6K7SA9rn6qqmvI6mLkHJQpqq++Py2UTDo1u8VKa3ieYNUN070kgxpYiVBGs3L\n"
+    "aaACIcEs48gnTRWc\n"
+    "-----END CERTIFICATE-----\n";
 static const char cms_cert_1[] = \
    "-----BEGIN CERTIFICATE-----\n"
    "MIICpDCCAYwCAQMwDQYJKoZIhvcNAQEFBQAwFjEUMBIGA1UEAwwLVGVzdCBDTVMg\n"
@@ -96,7 +115,7 @@ test_cms_encrypt_decrypt()
        CMS_ContentInfo *ci = NULL;
        EVP_PKEY *pkey = NULL;
        BIO *bio_mem = NULL;
-        BIO *bio_out;
+        BIO *bio_out = NULL;
        X509 *cert = NULL;
        size_t len;
        char *p;
@@ -169,10 +188,113 @@ test_cms_encrypt_decrypt()
 failure:
        BIO_free(bio_mem);
+        BIO_free(bio_out);
+        CMS_ContentInfo_free(ci);
+        EVP_PKEY_free(pkey);
+        sk_X509_free(certs);
+        X509_free(cert);
+        return failed;
+}
+static int
+test_cms_sign_verify()
+{
+        STACK_OF(X509) *certs = NULL;
+        CMS_ContentInfo *ci = NULL;
+        X509_STORE *store = NULL;
+        EVP_PKEY *pkey = NULL;
+        BIO *bio_mem = NULL;
+        BIO *bio_out = NULL;
+        X509 *cert = NULL;
+        X509 *ca = NULL;
+        size_t len;
+        char *p;
+        int failed = 1;
+        if ((bio_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL)
+                errx(1, "failed to create BIO");
+        if ((certs = sk_X509_new_null()) == NULL)
+                errx(1, "failed to create certs");
+        if ((bio_mem = BIO_new_mem_buf(cms_cert_1, -1)) == NULL)
+                errx(1, "failed to create BIO for cert");
+        if ((cert = PEM_read_bio_X509(bio_mem, NULL, NULL, NULL)) == NULL)
+                errx(1, "failed to read cert");
+        if (!sk_X509_push(certs, cert))
+                errx(1, "failed to push cert");
+        BIO_free(bio_mem);
+        if ((bio_mem = BIO_new_mem_buf(cms_ca_1, -1)) == NULL)
+                errx(1, "failed to create BIO for cert");
+        if ((ca = PEM_read_bio_X509(bio_mem, NULL, NULL, NULL)) == NULL)
+                errx(1, "failed to read cert");
+        if ((store = X509_STORE_new()) == NULL)
+                errx(1, "failed to create X509 store");
+        if (!X509_STORE_add_cert(store, ca))
+                errx(1, "failed to add cert to store");
+        BIO_free(bio_mem);
+        if ((bio_mem = BIO_new_mem_buf(cms_key_1, -1)) == NULL)
+                errx(1, "failed to create BIO for key");
+        if ((pkey = PEM_read_bio_PrivateKey(bio_mem, NULL, NULL, NULL)) == NULL)
+                errx(1, "failed to read key");
+        BIO_free(bio_mem);
+        if ((bio_mem = BIO_new_mem_buf(cms_msg, -1)) == NULL)
+                errx(1, "failed to create BIO for message");
+        if ((ci = CMS_sign(cert, pkey, NULL, bio_mem, 0)) == NULL) {
+                fprintf(stderr, "FAIL: CMS sign failed\n");
+                ERR_print_errors_fp(stderr);
+                goto failure;
+        }
+        if (verbose) {
+                if (!CMS_ContentInfo_print_ctx(bio_out, ci, 0, NULL))
+                        errx(1, "failed to print CMS ContentInfo");
+                if (!PEM_write_bio_CMS(bio_out, ci))
+                        errx(1, "failed to print CMS PEM");
+        }
+        BIO_free(bio_mem);
+        if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
+                errx(1, "failed to create BIO for message");
+        if (!CMS_verify(ci, certs, store, NULL, bio_mem, 0)) {
+                fprintf(stderr, "FAIL: CMS_verify failed\n");
+                ERR_print_errors_fp(stderr);
+                goto failure;
+        }
+        if ((len = BIO_get_mem_data(bio_mem, &p)) != strlen(cms_msg)) {
+                fprintf(stderr, "FAIL: CMS verify returned %li bytes, "
+                    "want %zi bytes\n", len, strlen(cms_msg));
+                fprintf(stderr, "Got CMS data:\n");
+                hexdump(p, len);
+                fprintf(stderr, "Want CMS data:\n");
+                hexdump(cms_msg, strlen(cms_msg));
+                goto failure;
+        }
+        if (memcmp(p, cms_msg, len) != 0) {
+                fprintf(stderr, "FAIL: CMS verify message differs");
+                fprintf(stderr, "Got CMS data:\n");
+                hexdump(p, len);
+                fprintf(stderr, "Want CMS data:\n");
+                hexdump(cms_msg, strlen(cms_msg));
+                goto failure;
+        }
+        failed = 0;
+ failure:
+        BIO_free(bio_mem);
+        BIO_free(bio_out);
        CMS_ContentInfo_free(ci);
        EVP_PKEY_free(pkey);
        sk_X509_free(certs);
        X509_free(cert);
+        X509_STORE_free(store);
        return failed;
 }
@@ -185,6 +307,7 @@ main(int argc, char **argv)
        ERR_load_crypto_strings();
        failed |= test_cms_encrypt_decrypt();
+        failed |= test_cms_sign_verify();
        return failed;
 }

diff --git a/src/regress/lib/libcrypto/cms/cmstest.c b/src/regress/lib/libcrypto/cms/cmstest.c index 40cb611c9a..466583ecb2 100644 --- a/src/regress/lib/libcrypto/cms/cmstest.c +++ b/src/regress/lib/libcrypto/cms/cmstest.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: cmstest.c,v 1.1 2019/11/02 15:35:10 jsing Exp $ */	1	/* $OpenBSD: cmstest.c,v 1.2 2019/11/04 12:31:59 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -29,6 +29,25 @@ static int verbose = 0;
29		29
30	static const char cms_msg[] = "Hello CMS!\r\n";	30	static const char cms_msg[] = "Hello CMS!\r\n";
31		31
		32	static const char cms_ca_1[] = \
		33	"-----BEGIN CERTIFICATE-----\n"
		34	"MIICqDCCAZACCQD8ebR8e4kdvjANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtU\n"
		35	"ZXN0IENNUyBDQTAeFw0xOTA1MTExNTUzNTNaFw0yOTA1MDgxNTUzNTNaMBYxFDAS\n"
		36	"BgNVBAMMC1Rlc3QgQ01TIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n"
		37	"AQEAoIiW3POGYfhY0BEgG8mIwouOI917M72jsuUE57ccjEXLWseItLb7r9vkiwW/\n"
		38	"FYbz0UYkJW1JgpZmWaTGOgZGxj+WTzxh1aq7OHyJb6Pxwp9wGrGJu+BEqOZN/bi/\n"
		39	"aQ1l8x7DxVJkFeI1+4QKDfmGYfWoVzQLgamO3u0vxz3Vi/XzX01ZomcZUYYx0lIq\n"
		40	"hxAO665HoPUmecqYdLPquJNxdfiy37ieLJOmIsKZJtMcCZAxqhcCwE7I0196Ng3P\n"
		41	"fK9Sl7BCyTBszb2YC2qOleuI2Wjg/7o1+hugopUkjxz0RGFu5s3K9PhCLwpqylXg\n"
		42	"IXe9Vwi38gKawD3yjtDBRDNmIwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAvsvtc\n"
		43	"cO0Eo0F6MvB0bjBIMHBkKyWcmD2c5gVFhbHyRD+XBVXNdn5CcBba2amm0VgShBpM\n"
		44	"4e1rOtIH/Hf6nB3c/EjZvd16ryoTCTvzayac7sD2Y8IxF1JIAKvjFbu+LmzM/F5f\n"
		45	"x3/WdY1qs5W7lO46i8xmSUAP88gohWP4cyVUAITNrh/RSOFaWUd5i1/vZ+iEexLI\n"
		46	"rQWsweJleOxvA8SrXm2gAkqRWEncsxOrsX/MsPl7iJoebLhWbS3cOHhutWrfhdlC\n"
		47	"2uT6K7SA9rn6qqmvI6mLkHJQpqq++Py2UTDo1u8VKa3ieYNUN070kgxpYiVBGs3L\n"
		48	"aaACIcEs48gnTRWc\n"
		49	"-----END CERTIFICATE-----\n";
		50
32	static const char cms_cert_1[] = \	51	static const char cms_cert_1[] = \
33	"-----BEGIN CERTIFICATE-----\n"	52	"-----BEGIN CERTIFICATE-----\n"
34	"MIICpDCCAYwCAQMwDQYJKoZIhvcNAQEFBQAwFjEUMBIGA1UEAwwLVGVzdCBDTVMg\n"	53	"MIICpDCCAYwCAQMwDQYJKoZIhvcNAQEFBQAwFjEUMBIGA1UEAwwLVGVzdCBDTVMg\n"
@@ -96,7 +115,7 @@ test_cms_encrypt_decrypt()
96	CMS_ContentInfo *ci = NULL;	115	CMS_ContentInfo *ci = NULL;
97	EVP_PKEY *pkey = NULL;	116	EVP_PKEY *pkey = NULL;
98	BIO *bio_mem = NULL;	117	BIO *bio_mem = NULL;
99	BIO *bio_out;	118	BIO *bio_out = NULL;
100	X509 *cert = NULL;	119	X509 *cert = NULL;
101	size_t len;	120	size_t len;
102	char *p;	121	char *p;
@@ -169,10 +188,113 @@ test_cms_encrypt_decrypt()
169		188
170	failure:	189	failure:
171	BIO_free(bio_mem);	190	BIO_free(bio_mem);
		191	BIO_free(bio_out);
		192	CMS_ContentInfo_free(ci);
		193	EVP_PKEY_free(pkey);
		194	sk_X509_free(certs);
		195	X509_free(cert);
		196
		197	return failed;
		198	}
		199
		200	static int
		201	test_cms_sign_verify()
		202	{
		203	STACK_OF(X509) *certs = NULL;
		204	CMS_ContentInfo *ci = NULL;
		205	X509_STORE *store = NULL;
		206	EVP_PKEY *pkey = NULL;
		207	BIO *bio_mem = NULL;
		208	BIO *bio_out = NULL;
		209	X509 *cert = NULL;
		210	X509 *ca = NULL;
		211	size_t len;
		212	char *p;
		213	int failed = 1;
		214
		215	if ((bio_out = BIO_new_fp(stdout, BIO_NOCLOSE)) == NULL)
		216	errx(1, "failed to create BIO");
		217
		218	if ((certs = sk_X509_new_null()) == NULL)
		219	errx(1, "failed to create certs");
		220	if ((bio_mem = BIO_new_mem_buf(cms_cert_1, -1)) == NULL)
		221	errx(1, "failed to create BIO for cert");
		222	if ((cert = PEM_read_bio_X509(bio_mem, NULL, NULL, NULL)) == NULL)
		223	errx(1, "failed to read cert");
		224	if (!sk_X509_push(certs, cert))
		225	errx(1, "failed to push cert");
		226
		227	BIO_free(bio_mem);
		228	if ((bio_mem = BIO_new_mem_buf(cms_ca_1, -1)) == NULL)
		229	errx(1, "failed to create BIO for cert");
		230	if ((ca = PEM_read_bio_X509(bio_mem, NULL, NULL, NULL)) == NULL)
		231	errx(1, "failed to read cert");
		232	if ((store = X509_STORE_new()) == NULL)
		233	errx(1, "failed to create X509 store");
		234	if (!X509_STORE_add_cert(store, ca))
		235	errx(1, "failed to add cert to store");
		236
		237	BIO_free(bio_mem);
		238	if ((bio_mem = BIO_new_mem_buf(cms_key_1, -1)) == NULL)
		239	errx(1, "failed to create BIO for key");
		240	if ((pkey = PEM_read_bio_PrivateKey(bio_mem, NULL, NULL, NULL)) == NULL)
		241	errx(1, "failed to read key");
		242
		243	BIO_free(bio_mem);
		244	if ((bio_mem = BIO_new_mem_buf(cms_msg, -1)) == NULL)
		245	errx(1, "failed to create BIO for message");
		246
		247	if ((ci = CMS_sign(cert, pkey, NULL, bio_mem, 0)) == NULL) {
		248	fprintf(stderr, "FAIL: CMS sign failed\n");
		249	ERR_print_errors_fp(stderr);
		250	goto failure;
		251	}
		252
		253	if (verbose) {
		254	if (!CMS_ContentInfo_print_ctx(bio_out, ci, 0, NULL))
		255	errx(1, "failed to print CMS ContentInfo");
		256	if (!PEM_write_bio_CMS(bio_out, ci))
		257	errx(1, "failed to print CMS PEM");
		258	}
		259
		260	BIO_free(bio_mem);
		261	if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
		262	errx(1, "failed to create BIO for message");
		263
		264	if (!CMS_verify(ci, certs, store, NULL, bio_mem, 0)) {
		265	fprintf(stderr, "FAIL: CMS_verify failed\n");
		266	ERR_print_errors_fp(stderr);
		267	goto failure;
		268	}
		269
		270	if ((len = BIO_get_mem_data(bio_mem, &p)) != strlen(cms_msg)) {
		271	fprintf(stderr, "FAIL: CMS verify returned %li bytes, "
		272	"want %zi bytes\n", len, strlen(cms_msg));
		273	fprintf(stderr, "Got CMS data:\n");
		274	hexdump(p, len);
		275	fprintf(stderr, "Want CMS data:\n");
		276	hexdump(cms_msg, strlen(cms_msg));
		277	goto failure;
		278	}
		279	if (memcmp(p, cms_msg, len) != 0) {
		280	fprintf(stderr, "FAIL: CMS verify message differs");
		281	fprintf(stderr, "Got CMS data:\n");
		282	hexdump(p, len);
		283	fprintf(stderr, "Want CMS data:\n");
		284	hexdump(cms_msg, strlen(cms_msg));
		285	goto failure;
		286	}
		287
		288	failed = 0;
		289
		290	failure:
		291	BIO_free(bio_mem);
		292	BIO_free(bio_out);
172	CMS_ContentInfo_free(ci);	293	CMS_ContentInfo_free(ci);
173	EVP_PKEY_free(pkey);	294	EVP_PKEY_free(pkey);
174	sk_X509_free(certs);	295	sk_X509_free(certs);
175	X509_free(cert);	296	X509_free(cert);
		297	X509_STORE_free(store);
176		298
177	return failed;	299	return failed;
178	}	300	}
@@ -185,6 +307,7 @@ main(int argc, char **argv)
185	ERR_load_crypto_strings();	307	ERR_load_crypto_strings();
186		308
187	failed \|= test_cms_encrypt_decrypt();	309	failed \|= test_cms_encrypt_decrypt();
		310	failed \|= test_cms_sign_verify();
188		311
189	return failed;	312	return failed;
190	}	313	}